 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Windows Server Forum / Windows Server 2003 / Scripting / September 2007List Users and Attributes in Multiple Groups
Hi, I'm relatively new to scripting and have run a search to find a script that will let me feed it a list of AD Groups and extract attributes for all the users in the groups. I have a small script that will let me retrieve the LDAP name, but would also like to extract things like LANID, Display Name, Group Name, EmployeeID in a table that I can sort. I'll continue my search but I thought I would post here to see what may be available untill I find something. Thanks,  SignatureDon S On Sep 25, 1:56 pm, DSchenk952 <DSchenk...@discussions.microsoft.com> wrote: > Hi, I'm relatively new to scripting and have run a search to find a script > that will let me feed it a list of AD Groups and extract attributes for all [quoted text clipped - 8 lines] > -- > Don S Don, Can you post the script you're currently using? -J www.pooradmin.com In this script I'm getting the group member LDAP name back, (if I'm saying that correctly). And would like the output on LANID, GroupName, EmployeeID, etc., =============================== On Error Resume Next Set objGroup = GetObject _ ("LDAP://cn=Forest Owners,ou=Global Admins,dc=Don,dc=Corvette,dc=com") objGroup.GetInfo arrMemberOf = objGroup.GetEx("member") WScript.Echo "Forest Owners" For Each strMember in arrMemberOf WScript.echo strMember Next Set objGroup = GetObject _ ("LDAP://cn= Service Admins,ou=Global Admins,dc=Don,dc=Corvette,dc=com") objGroup.GetInfo arrMemberOf = objGroup.GetEx("member") WScript.Echo "" WScript.Echo "Service Admins" For Each strMember in arrMemberOf WScript.echo strMember Next Set objGroup = GetObject _ ("LDAP://cn=Data Admins,ou=Global Admins,dc=Don,dc=Corvette,dc=com") objGroup.GetInfo arrMemberOf = objGroup.GetEx("member") WScript.Echo "" WScript.Echo "Data Admins" For Each strMember in arrMemberOf WScript.echo strMember Next Set objGroup = GetObject _ ("LDAP://cn=ServiceDesk Operators,ou=Global Admins,dc=Don,dc=Corvette,dc=com") objGroup.GetInfo arrMemberOf = objGroup.GetEx("member") WScript.Echo "" WScript.Echo "ServiceDesk Operators" For Each strMember in arrMemberOf WScript.echo strMember Next Set objGroup = GetObject _ ("LDAP://cn=IT_DBA,ou=Server Admins,ou=Servers,dc=Don,dc=Corvette,dc=com") objGroup.GetInfo arrMemberOf = objGroup.GetEx("member") WScript.Echo "" WScript.Echo "IT_DBA" For Each strMember in arrMemberOf WScript.echo strMember Next ============================== SignatureDon S > On Sep 25, 1:56 pm, DSchenk952 <DSchenk...@discussions.microsoft.com> > wrote: [quoted text clipped - 17 lines] > -J > www.pooradmin.com I suggest using the Members method of the group object, which returns a collection of member objects. With the member objects you can retrieve any attribute values desired. For example: =========== Set objGroup = GetObject _ ("LDAP://cn=Forest Owners,ou=Global Admins,dc=Don,dc=Corvette,dc=com") For Each objMember In objGroup.Members Wscript.Echo objMember.sAMAccountName & "," & objGroup.sAMAccountName & "," & objMember.employeeID Next ========= The code you posted displays the member Distinguished Names. The sAMAccountName attribute is the "pre-Windows logon name" of users, and is probably what you call LANID (some call it userID or NT User name). The sAMAccountName attribute of group objects is the NetBIOS name of the group. You could substitute the Common Name of the group with objGroup.cn. The Distinguished Name of the user would be objUser.distinguishedName. SignatureRichard Mueller Microsoft MVP Scripting and ADSI Hilltop Lab - http://www.rlmueller.net -- > In this script I'm getting the group member LDAP name back, (if I'm saying > that correctly). And would like the output on LANID, GroupName, [quoted text clipped - 91 lines] >> -J >> www.pooradmin.com Richard, Thanks. That's great, and does exactly what I'm looking for. Only one more question from this noobie. Where can I find the different values that go along with objMember? Thanks, I appreciate the schooling. SignatureDon S > I suggest using the Members method of the group object, which returns a > collection of member objects. With the member objects you can retrieve any [quoted text clipped - 109 lines] > >> -J > >> www.pooradmin.com There are many attributes available. This link documents most: http://www.rlmueller.net/UserAttributes.htm The first spreadsheet documents the user attributes corresponding to most of the tabs in ADUC. The second spreadsheet documents all attributes in a default installation of Windows 2000 AD, and the classes of objects they apply to (user, group, computer, etc). The third spreadsheet documents user object methods available. Note that objMember can be a user, a group, or a computer object. SignatureRichard Mueller Microsoft MVP Scripting and ADSI Hilltop Lab - http://www.rlmueller.net -- > Richard, > [quoted text clipped - 126 lines] >> >> -J >> >> www.pooradmin.com |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2010 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.